Change log for clamav package in Ubuntu

175 of 427 results
Published in disco-release on 2019-01-24
Deleted in disco-proposed (Reason: moved to release)
clamav (0.100.2+dfsg-2ubuntu1) disco; urgency=medium

  * Sync with Debian. Remaining change:
    - clamav-daemon may fail to start due to options removed in new version
      and manually edited configuration file. (LP: #1783632)
      + debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
        add patch from Debian stretch to simply warn about removed options.
  * Dropped change:
    - Build-Depend on pcre3-dev (pcre2 is now in Ubuntu main) (LP: #1792544)

Published in trusty-updates on 2018-11-13
Published in trusty-security on 2018-11-13
clamav (0.100.2+dfsg-1ubuntu0.14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-18585.patch: Ensure file names are valid in
      libclamav/libmspack-0.5alpha/mspack/chmd.c
    - CVE-2018-18585
  * SECURITY UPDATE: One byte buffer overflow -
    - debian/patches/CVE-2018-18584.patch: Ensure input buffer is large
      enough in libclamav/libmspack-0.5alpha/mspack/cab.h
    - CVE-2018-18584

 -- Alex Murray <email address hidden>  Fri, 09 Nov 2018 16:38:09 +1030
Superseded in disco-release on 2019-01-24
Published in cosmic-release on 2018-10-11
Deleted in cosmic-proposed (Reason: moved to release)
clamav (0.100.2+dfsg-0ubuntu1) cosmic; urgency=medium

  * Updated to version 0.100.2 to fix security issue.
    - CVE-2018-15378
  * Bump to new symbol version
    - debian/rules: set CL_FLEVEL 93.
    - debian/libclamav7.symbols: updated to new version.

 -- Marc Deslauriers <email address hidden>  Wed, 10 Oct 2018 14:06:42 -0400
Superseded in trusty-updates on 2018-11-13
Superseded in trusty-security on 2018-11-13
clamav (0.100.2+dfsg-1ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to version 0.100.2 to fix security issue.
    - CVE-2018-15378
  * Bump to new symbol version
    - debian/rules: set CL_FLEVEL 93.
    - debian/libclamav7.symbols: updated to new version.
  * Removed patches included in new version:
    - debian/patches/CVE-2018-14679-and-CVE-2018-14680.patch
    - debian/patches/CVE-2018-14681.patch
    - debian/patches/CVE-2018-14682.patch

 -- Marc Deslauriers <email address hidden>  Wed, 10 Oct 2018 13:33:17 -0400
Published in xenial-updates on 2018-10-11
Published in xenial-security on 2018-10-11
clamav (0.100.2+dfsg-1ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to version 0.100.2 to fix security issue.
    - CVE-2018-15378
  * Bump to new symbol version
    - debian/rules: set CL_FLEVEL 93.
    - debian/libclamav7.symbols: updated to new version.

 -- Marc Deslauriers <email address hidden>  Wed, 10 Oct 2018 13:31:49 -0400
Published in bionic-updates on 2018-10-11
Published in bionic-security on 2018-10-11
clamav (0.100.2+dfsg-1ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to version 0.100.2 to fix security issue.
    - CVE-2018-15378
  * Bump to new symbol version
    - debian/rules: set CL_FLEVEL 93.
    - debian/libclamav7.symbols: updated to new version.

 -- Marc Deslauriers <email address hidden>  Wed, 10 Oct 2018 13:25:28 -0400
Superseded in trusty-updates on 2018-10-11
Superseded in trusty-security on 2018-10-11
clamav (0.100.1+dfsg-1ubuntu0.14.04.4) trusty-security; urgency=medium

  * debian/clamav-daemon.config.in: fix infinite loop during
    dpkg-reconfigure (LP: #1792051)

 -- Marc Deslauriers <email address hidden>  Thu, 13 Sep 2018 14:00:26 -0400
Superseded in xenial-updates on 2018-10-11
Superseded in xenial-security on 2018-10-11
clamav (0.100.1+dfsg-1ubuntu0.16.04.3) xenial-security; urgency=medium

  * debian/clamav-daemon.config.in: fix infinite loop during
    dpkg-reconfigure (LP: #1792051)

 -- Marc Deslauriers <email address hidden>  Thu, 13 Sep 2018 13:59:54 -0400
Superseded in bionic-updates on 2018-10-11
Superseded in bionic-security on 2018-10-11
clamav (0.100.1+dfsg-1ubuntu0.18.04.3) bionic-security; urgency=medium

  * debian/clamav-daemon.config.in: fix infinite loop during
    dpkg-reconfigure (LP: #1792051)

 -- Marc Deslauriers <email address hidden>  Thu, 13 Sep 2018 13:59:22 -0400
Superseded in cosmic-release on 2018-10-11
Deleted in cosmic-proposed on 2018-10-12 (Reason: moved to release)
clamav (0.100.1+dfsg-1ubuntu3) cosmic; urgency=medium

  * debian/clamav-daemon.config.in: fix infinite loop during
    dpkg-reconfigure (LP: #1792051)

 -- Marc Deslauriers <email address hidden>  Thu, 13 Sep 2018 13:44:52 -0400
Superseded in trusty-updates on 2018-09-18
Superseded in trusty-security on 2018-09-18
clamav (0.100.1+dfsg-1ubuntu0.14.04.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14679-and-CVE-2018-14680.patch:
      fix in libclamav/libmspack-0.5alpha/mspack/cchmd.c.
    - CVE-2018-14679
    - CVE-2018-14680
  * SECURITY UPDATE: Bytes overwire with bad KWAJ file extension
    - debian/patches/CVE-2018-14681.patch: fix in
      libclamav/libmspack-0.5alpha/mspack/kwajd.c.
    - CVE-2018-14681
  * SECURITY UPDATE: Off-by-one error
    - debian/patches/CVE-2018-14682.patch: fix in
      libclamav/libmspack-0.5alpha/mspack/chmd.c.
    - CVE-2018-14682

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 01 Aug 2018 13:18:44 -0300
Superseded in cosmic-release on 2018-09-13
Deleted in cosmic-proposed on 2018-09-15 (Reason: moved to release)
clamav (0.100.1+dfsg-1ubuntu2) cosmic; urgency=medium

  * clamav-daemon may fail to start due to options removed in new version
    and manually edited configuration file. (LP: #1783632)
    - debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
      add patch from Debian stretch to simply warn about removed options.

 -- Marc Deslauriers <email address hidden>  Thu, 26 Jul 2018 11:00:29 -0400
Superseded in xenial-updates on 2018-09-18
Superseded in xenial-security on 2018-09-18
clamav (0.100.1+dfsg-1ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY REGRESSION: clamav-daemon fails to start due to options
    removed in new version and manually edited configuration file.
    (LP: #1783632)
    - debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
      add patch from Debian stretch to simply warn about removed options.

 -- Marc Deslauriers <email address hidden>  Thu, 26 Jul 2018 10:27:58 -0400
Superseded in trusty-updates on 2018-08-02
Superseded in trusty-security on 2018-08-02
clamav (0.100.1+dfsg-1ubuntu0.14.04.2) trusty-security; urgency=medium

  * SECURITY REGRESSION: clamav-daemon fails to start due to options
    removed in new version and manually edited configuration file.
    (LP: #1783632)
    - debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
      add patch from Debian stretch to simply warn about removed options.

 -- Marc Deslauriers <email address hidden>  Thu, 26 Jul 2018 10:28:32 -0400
Superseded in bionic-updates on 2018-09-18
Superseded in bionic-security on 2018-09-18
clamav (0.100.1+dfsg-1ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY REGRESSION: clamav-daemon fails to start due to options
    removed in new version and manually edited configuration file.
    (LP: #1783632)
    - debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
      add patch from Debian stretch to simply warn about removed options.

 -- Marc Deslauriers <email address hidden>  Thu, 26 Jul 2018 10:24:27 -0400
Superseded in trusty-updates on 2018-07-26
Superseded in trusty-security on 2018-07-26
clamav (0.100.1+dfsg-1ubuntu0.14.04.1) trusty-security; urgency=medium

  * Rebuild as security update for 14.04 to fix multiple issues
    - CVE-2018-0360
    - CVE-2018-0361
  * Re-enable LLVM support:
    - debian/control: add llvm-3.6-dev to BuildDepends.
    - debian/rules: add llvm back.
  * debian/clamav-daemon.postinst.in: updated version to drop support for
    clamav-daemon.socket.
  * debian/control: switch libtfm-dev to libtommath-dev, remove
    dh-strip-nondeterminism, electric-fence, and libsystemd-dev.
  * Use internal libmspack:
    - debian/control: remove libmspack-dev.
    - debian/rules: remove --with-system-libmspack.
    - debian/libclamav7.install: add libclammspack.so.0*.
    - debian/libclamav-dev.install: add libclammspack.so.
  * Revert to Debhelper in 14.04:
    - debian/compat: set to 8
    - debian/control: set debhelper to 8.9.7
  * debian/{libclamav7,libclamav-dev}.install: fix file locations
  * debian/rules: modify to not use dpkg-parsechangelog -S
  * debian/control: remove Multi-Arch and Rules-Requires-Root tags.
  * Don't built with json and curl:
    - debian/rules: remove --with-libjson and --with-libcurl=/usr.
    - debian/control: remove libjson-c-dev, libcurl4-openssl-dev.
    - debian/clamav.install: remove clamsubmit.
    - debian/clamav.manpages: remove clamsubmit.1.
  * Removed clamdscan package:
    - debian/control: removed package section
    - debian/clamdscan.*: removed and added files to clamav-daemon.*
  * Added clamav-dbg package:
    - debian/control: added package section
    - debian/rules: use --dbg-package, not --dbgsym-migration
  * debian/control: updated clamav-daemon Breaks versions.

 -- Marc Deslauriers <email address hidden>  Mon, 23 Jul 2018 09:27:00 -0400
Superseded in bionic-updates on 2018-07-26
Superseded in bionic-security on 2018-07-26
clamav (0.100.1+dfsg-1ubuntu0.18.04.1) bionic-security; urgency=medium

  * Rebuild as security update for 18.04 to fix multiple issues
    - CVE-2018-0360
    - CVE-2018-0361
  * Re-enable LLVM support:
    - debian/control: add llvm-3.9-dev to BuildDepends.
    - debian/rules: add llvm back.
  * debian/clamav-daemon.postinst.in: updated version to drop support for
    clamav-daemon.socket.

 -- Marc Deslauriers <email address hidden>  Thu, 19 Jul 2018 08:07:50 -0400
Superseded in xenial-updates on 2018-07-26
Superseded in xenial-security on 2018-07-26
clamav (0.100.1+dfsg-1ubuntu0.16.04.1) xenial-security; urgency=medium

  * Rebuild as security update for 16.04 to fix multiple issues
    - CVE-2018-0360
    - CVE-2018-0361
  * Re-enable LLVM support:
    - debian/control: add llvm-3.6-dev to BuildDepends.
    - debian/rules: add llvm back.
  * debian/clamav-daemon.postinst.in: updated version to drop support for
    clamav-daemon.socket.
  * debian/control: switch libtfm-dev to libtommath-dev
  * Revert to Debhelper in 16.04:
    - debian/compat: set to 8
    - debian/control: set debhelper to 8.9.7, add dh-systemd
    - debian/rules: add --with systemd
  * debian/{libclamav7,libclamav-dev}.install: fix file locations
  * debian/control: remove Multi-Arch and Rules-Requires-Root tags.
  * Added clamav-dbg package:
    - debian/control: added package section
    - debian/rules: use --dbg-package, not --dbgsym-migration

 -- Marc Deslauriers <email address hidden>  Thu, 19 Jul 2018 08:07:50 -0400
Superseded in cosmic-release on 2018-07-26
Deleted in cosmic-proposed on 2018-07-27 (Reason: moved to release)
clamav (0.100.1+dfsg-1ubuntu1) cosmic; urgency=medium

  * debian/control: switch Build-Depends from libpcre2-dev to libpcre3-dev
    as pcre2 is in Universe.

 -- Marc Deslauriers <email address hidden>  Wed, 18 Jul 2018 10:29:29 -0400
Superseded in cosmic-release on 2018-07-20
Deleted in cosmic-proposed on 2018-07-22 (Reason: moved to release)
clamav (0.99.4+addedllvm-0ubuntu3) cosmic; urgency=medium

  * d/usr.bin.freshclam: add read permission to the rule governing
    access to /var/log/clamav by freshclam so that it can rotate its
    own logfile. (LP: #1778812) (Closes: #902601)

 -- Andreas Hasenack <email address hidden>  Mon, 09 Jul 2018 16:25:25 -0300
Superseded in cosmic-release on 2018-07-12
Deleted in cosmic-proposed on 2018-07-13 (Reason: moved to release)
clamav (0.99.4+addedllvm-0ubuntu2) cosmic; urgency=medium

  * No-change rebuild for ncurses soname changes.

 -- Matthias Klose <email address hidden>  Thu, 03 May 2018 14:14:05 +0000
Superseded in trusty-updates on 2018-07-24
Superseded in trusty-security on 2018-07-24
clamav (0.99.4+addedllvm-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to 0.99.4 to fix multiple security issues
    - CVE-2018-0202
    - CVE-2018-1000085
  * Removed patches no longer required
    - bb11549-fix-temp-file-cleanup-issue.patch

 -- Marc Deslauriers <email address hidden>  Wed, 07 Mar 2018 13:58:55 +0100
Superseded in xenial-updates on 2018-07-24
Superseded in xenial-security on 2018-07-24
clamav (0.99.4+addedllvm-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 0.99.4 to fix multiple security issues
    - CVE-2018-0202
    - CVE-2018-1000085
  * Removed patches no longer required
    - bb11549-fix-temp-file-cleanup-issue.patch
  * debian/libclamav7.symbols,debian/rules: bumped cl_retflevel.

 -- Marc Deslauriers <email address hidden>  Wed, 07 Mar 2018 13:40:11 +0100
Published in artful-updates on 2018-03-08
Published in artful-security on 2018-03-08
clamav (0.99.4+addedllvm-0ubuntu0.17.10.1) artful-security; urgency=medium

  * Updated to 0.99.4 to fix multiple security issues
    - CVE-2018-0202
    - CVE-2018-1000085
  * Removed patches no longer required
    - bb11549-fix-temp-file-cleanup-issue.patch
  * debian/libclamav7.symbols,debian/rules: bumped cl_retflevel.

 -- Marc Deslauriers <email address hidden>  Wed, 07 Mar 2018 12:29:07 +0100
Superseded in cosmic-release on 2018-05-04
Published in bionic-release on 2018-03-07
Deleted in bionic-proposed (Reason: moved to release)
clamav (0.99.4+addedllvm-0ubuntu1) bionic; urgency=medium

  * Updated to 0.99.4 to fix multiple security issues
    - CVE-2018-0202
    - CVE-2018-1000085
  * Removed patches no longer required
    - bb11549-fix-temp-file-cleanup-issue.patch
  * debian/libclamav7.symbols,debian/rules: bumped cl_retflevel.

 -- Marc Deslauriers <email address hidden>  Wed, 07 Mar 2018 12:07:58 +0100
Superseded in bionic-release on 2018-03-07
Deleted in bionic-proposed on 2018-03-08 (Reason: moved to release)
clamav (0.99.3+addedllvm-0ubuntu2) bionic; urgency=medium

  * No-change rebuild against libcurl4

 -- Steve Langasek <email address hidden>  Wed, 28 Feb 2018 06:47:33 +0000
Superseded in bionic-release on 2018-03-07
Deleted in bionic-proposed on 2018-03-08 (Reason: moved to release)
clamav (0.99.3+addedllvm-0ubuntu1) bionic; urgency=medium

  * Updated to final 0.99.3 release. Previous beta release was based on the
    dev tree, but 0.99.3 ended up being a security update to 0.99.2, so
    some changes and functionality is reverted with this upload.
    - Add back patches still needed with final 0.99.3:
      + Allow-M-suffix-for-PCREMaxFileSize.patch
      + bb11549-fix-temp-file-cleanup-issue.patch
      + drop-AllowSupplementaryGroups-option-and-make-it-def.patch
      + fix-ssize_t-size_t-off_t-printf-modifier.patch
      + libclamav-use-libmspack.patch
    - debian/clamav-daemon.postinst.in: remove new options.
    - debian/libclamav7.symbols: updated for 0.99.3.
    - debian/libclamav7.symbols,debian/rules: bumped cl_retflevel.
    - debian/rules: remove --with-system-libmspack.
    - debian/patches/*: refreshed.

 -- Marc Deslauriers <email address hidden>  Tue, 13 Feb 2018 08:18:35 -0500
Superseded in bionic-release on 2018-02-13
Deleted in bionic-proposed on 2018-02-15 (Reason: moved to release)
clamav (0.99.3~beta1+dfsg-2ubuntu2) bionic; urgency=high

  * No change rebuild against openssl1.1.

 -- Dimitri John Ledkov <email address hidden>  Tue, 06 Feb 2018 12:41:32 +0000
Superseded in trusty-updates on 2018-03-08
Superseded in trusty-security on 2018-03-08
clamav (0.99.3+addedllvm-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to 0.99.3 to fix multiple security issues
    - CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
      CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
  * Removed patches no longer required
    - debian/patches/CVE-2017-6418.patch
    - debian/patches/CVE-2017-6419.patch
    - debian/patches/CVE-2017-6420.patch
    - debian/patches/CVE-2017-6420-2.patch
  * debian/patches/bb11549-fix-temp-file-cleanup-issue.patch: fix temp file
    cleanup issue.

 -- Marc Deslauriers <email address hidden>  Mon, 29 Jan 2018 11:06:20 -0500
Superseded in xenial-updates on 2018-03-08
Superseded in xenial-security on 2018-03-08
clamav (0.99.3+addedllvm-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 0.99.3 to fix multiple security issues
    - CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
      CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
  * Removed patches no longer required
    - debian/patches/CVE-2017-6418.patch
    - debian/patches/CVE-2017-6420.patch
    - debian/patches/CVE-2017-6420-2.patch
  * debian/libclamav7.symbols,debian/rules: bumped cl_retflevel, add check.
  * debian/patches/bb11549-fix-temp-file-cleanup-issue.patch: fix temp file
    cleanup issue.

 -- Marc Deslauriers <email address hidden>  Mon, 29 Jan 2018 10:21:19 -0500
Superseded in artful-updates on 2018-03-08
Superseded in artful-security on 2018-03-08
clamav (0.99.3+addedllvm-0ubuntu0.17.10.1) artful-security; urgency=medium

  * Updated to 0.99.3 to fix multiple security issues
    - CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
      CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
  * Removed patches no longer required
    - debian/patches/make_it_compile_against_openssl_1_1_0.patch
    - debian/patches/zlib-check.patch
    - debian/patches/CVE-2017-6418.patch
    - debian/patches/CVE-2017-6420.patch
    - debian/patches/CVE-2017-6420-2.patch
  * debian/libclamav7.symbols,debian/rules: bumped cl_retflevel.

 -- Marc Deslauriers <email address hidden>  Mon, 29 Jan 2018 10:16:00 -0500
Superseded in xenial-updates on 2018-01-30
Deleted in xenial-proposed on 2018-02-05 (Reason: moved to -updates)
clamav (0.99.2+dfsg-0ubuntu0.16.04.3) xenial; urgency=medium

  * d/control: bump break/replaces dependencies to respect major trusty
    version upgrades (LP: #1532608)

 -- Christian Ehrhardt <email address hidden>  Mon, 15 Jan 2018 13:24:57 +0100
Superseded in bionic-release on 2018-02-08
Deleted in bionic-proposed on 2018-02-10 (Reason: moved to release)
clamav (0.99.3~beta1+dfsg-2ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable (LP: #1732439). Remaining changes:
    - Fix build by forcing llvm 3.9
      (testsuite seems to be failing)
    - debian/patches/fix_newer_zlib.patch: fix compatibility with zlib
      1.2.9 and newer (LP #1692073).
      [DEP3 header updated to indicate it was incorporated upstream]
  * Drop:
    * debian/patches/zlib-check.patch:
      + cherry-pick upstream fix for wrong zlib version check
        [Fixed upstream]
    - SECURITY UPDATE: DoS via crafted e-mail message
      + debian/patches/CVE-2017-6418.patch: fix invalid read in
        libclamav/message.c.
      + CVE-2017-6418
        [Fixed upstream]
    - SECURITY UPDATE: DoS via WWPack compression
      + debian/patches/CVE-2017-6420.patch: add bounds checks to
        libclamav/wwunpack.c.
      + debian/patches/CVE-2017-6420-2.patch: fix unit tests in
        libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
      + CVE-2017-6420
        [Fixed upstream]

Obsolete in zesty-updates on 2018-06-22
Obsolete in zesty-security on 2018-06-22
clamav (0.99.2+dfsg-6ubuntu0.1) zesty-security; urgency=medium

  * SECURITY UPDATE: DoS via crafted e-mail message
    - debian/patches/CVE-2017-6418.patch: fix invalid read in
      libclamav/message.c.
    - CVE-2017-6418
  * SECURITY UPDATE: DoS via WWPack compression
    - debian/patches/CVE-2017-6420.patch: add bounds checks to
      libclamav/wwunpack.c.
    - debian/patches/CVE-2017-6420-2.patch: fix unit tests in
      libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
    - CVE-2017-6420
  * debian/rules: add --disable-zlib-vcheck to disable broken zlib check.
  * debian/control: use llvm-3.9-dev as Build-Depends.
  * debian/rules: use llvm-config-3.9.
  * debian/patches/fix_newer_zlib.patch: fix compatibility with zlib
    1.2.9 and newer (LP: #1692073).

 -- Marc Deslauriers <email address hidden>  Tue, 15 Aug 2017 15:45:22 -0400
Superseded in bionic-release on 2017-11-25
Published in artful-release on 2017-08-16
Deleted in artful-proposed (Reason: moved to release)
clamav (0.99.2+dfsg-6ubuntu2) artful; urgency=medium

  * SECURITY UPDATE: DoS via crafted e-mail message
    - debian/patches/CVE-2017-6418.patch: fix invalid read in
      libclamav/message.c.
    - CVE-2017-6418
  * SECURITY UPDATE: DoS via WWPack compression
    - debian/patches/CVE-2017-6420.patch: add bounds checks to
      libclamav/wwunpack.c.
    - debian/patches/CVE-2017-6420-2.patch: fix unit tests in
      libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
    - CVE-2017-6420
  * debian/patches/fix_newer_zlib.patch: fix compatibility with zlib
    1.2.9 and newer (LP: #1692073).

 -- Marc Deslauriers <email address hidden>  Tue, 15 Aug 2017 16:04:46 -0400
Superseded in trusty-updates on 2018-01-30
Superseded in trusty-security on 2018-01-30
clamav (0.99.2+addedllvm-0ubuntu0.14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS via crafted e-mail message
    - debian/patches/CVE-2017-6418.patch: fix invalid read in
      libclamav/message.c.
    - CVE-2017-6418
  * SECURITY UPDATE: DoS and possible code execution via crafted CHM file
    - debian/patches/CVE-2017-6419.patch: fix OOB write in
      libclamav/mspack.c.
    - CVE-2017-6419
  * SECURITY UPDATE: DoS via WWPack compression
    - debian/patches/CVE-2017-6420.patch: add bounds checks to
      libclamav/wwunpack.c.
    - debian/patches/CVE-2017-6420-2.patch: fix unit tests in
      libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
    - CVE-2017-6420

 -- Marc Deslauriers <email address hidden>  Tue, 08 Aug 2017 13:13:56 -0400
Superseded in xenial-updates on 2018-01-29
Superseded in xenial-security on 2018-01-30
clamav (0.99.2+dfsg-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via crafted e-mail message
    - debian/patches/CVE-2017-6418.patch: fix invalid read in
      libclamav/message.c.
    - CVE-2017-6418
  * SECURITY UPDATE: DoS via WWPack compression
    - debian/patches/CVE-2017-6420.patch: add bounds checks to
      libclamav/wwunpack.c.
    - debian/patches/CVE-2017-6420-2.patch: fix unit tests in
      libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
    - CVE-2017-6420

 -- Marc Deslauriers <email address hidden>  Tue, 08 Aug 2017 12:57:22 -0400
Superseded in artful-proposed on 2017-08-15
clamav (0.99.2+dfsg-6ubuntu1) artful; urgency=medium

  * Fix build by forcing llvm 3.9
    (testsuite seems to be failing)
  * debian/patches/zlib-check.patch:
    - cherry-pick upstream fix for wrong zlib version check

 -- Gianfranco Costamagna <email address hidden>  Tue, 02 May 2017 11:18:30 +0200
Superseded in artful-proposed on 2017-05-02
clamav (0.99.2+dfsg-6build1) artful; urgency=medium

  * Rebuild against new llvm versioned symbols.

 -- Gianfranco Costamagna <email address hidden>  Mon, 01 May 2017 22:33:23 +0200
Superseded in artful-release on 2017-08-16
Obsolete in zesty-release on 2018-06-22
Deleted in zesty-proposed on 2018-06-22 (Reason: moved to release)
clamav (0.99.2+dfsg-6) unstable; urgency=medium

  * Fix detection of curl. Patch by Reiner Herrmann <email address hidden>
    (Closes: #852894).

 -- Sebastian Andrzej Siewior <email address hidden>  Sat, 04 Feb 2017 21:54:51 +0100
Superseded in zesty-release on 2017-04-04
Deleted in zesty-proposed on 2017-04-07 (Reason: moved to release)
clamav (0.99.2+dfsg-5ubuntu1) zesty; urgency=medium

  * Merge wuth Debian; remaining changes:
    - Use in-package tomfastmath library instead of libtfm-dev (universe).
      This requires to bring back the following patches:
      + d/p/tfm-drop-__DATE__.patch
      + d/p/tfm-duct-tape-misscompile-on-armhf.patch
      + d/p/tfm-fix-compile-errors.patch

Superseded in zesty-release on 2017-01-04
Obsolete in yakkety-release on 2018-01-23
Deleted in yakkety-proposed on 2018-01-23 (Reason: moved to release)
clamav (0.99.2+dfsg-2ubuntu2) yakkety; urgency=medium

  * Revert to use in-package tomfastmath library instead of libtfm-dev
    which is in Universe. This requires to bring back the following patches :
    d/p/tfm-drop-__DATE__.patch
    d/p/tfm-duct-tape-misscompile-on-armhf.patch
    d/p/tfm-fix-compile-errors.patch

 -- Louis Bouchard <email address hidden>  Thu, 06 Oct 2016 14:49:37 +0200
Superseded in xenial-updates on 2017-08-17
Superseded in xenial-security on 2017-08-17
clamav (0.99.2+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 0.99.2 to fix multiple security issues
    - CVE-2016-1371
    - CVE-2016-1372
    - CVE-2016-1405
  * Removed patches included in new version
    - debian/patches/Add-upstream-systemd-support.patch
    - debian/patches/add-LLVM-3.6-support.patch
    - debian/patches/llvm-don-t-use-system-libs.patch
  * Refreshed patches
    - debian/patches/add-support-for-system-tomsfastmath.patch
    - debian/patches/tfm-drop-__DATE__.patch
    - debian/patches/Allow-M-suffix-for-PCREMaxFileSize.patch
    - debian/patches/clamav_add_private_fts_implementation.patch
    - debian/patches/fix-ssize_t-size_t-off_t-printf-modifier.patch
    - debian/patches/libclamav-use-libmspack.patch
  * debian/clamav-daemon.postinst.in: updated to handle new options
    - ScanXMLDOCS
    - ScanHWP3
    - MaxRecHWP3

 -- Marc Deslauriers <email address hidden>  Mon, 19 Sep 2016 10:21:19 -0400
Superseded in trusty-updates on 2017-08-17
Superseded in trusty-security on 2017-08-17
clamav (0.99.2+addedllvm-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to 0.99.2 to fix multiple security issues
    - CVE-2016-1371
    - CVE-2016-1372
    - CVE-2016-1405
  * Removed patches no longer required
    - 0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - 0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - 0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - 0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-base.postinst.in: updated to handle new options
    - OnAccessMountPath
    - OnAccessDisableDDD
    - OnAccessPrevention
    - OnAccessExtraScanning
    - PCREMatchLimit
    - PCRERecMatchLimit
    - PCREMaxFileSize
    - ScanXMLDOCS
    - ScanHWP3
    - MaxRecHWP3
  * debian/*: rename libclamav6 to libclamav7.
  * debian/control: add libpcre3-dev to Build-Depends as new signatures
    rely on PCRE support.

 -- Marc Deslauriers <email address hidden>  Tue, 20 Sep 2016 14:34:14 -0400
Published in precise-updates on 2016-09-28
Published in precise-security on 2016-09-28
clamav (0.99.2+addedllvm-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.99.2 to fix multiple security issues
    - CVE-2016-1371
    - CVE-2016-1372
    - CVE-2016-1405
  * Removed patches no longer required
    - 0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - 0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - 0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - 0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-base.postinst.in: updated to handle new options
    - OnAccessMountPath
    - OnAccessDisableDDD
    - OnAccessPrevention
    - OnAccessExtraScanning
    - PCREMatchLimit
    - PCRERecMatchLimit
    - PCREMaxFileSize
    - ScanXMLDOCS
    - ScanHWP3
    - MaxRecHWP3
  * debian/*: rename libclamav6 to libclamav7.
  * debian/control: add libpcre3-dev to Build-Depends as new signatures
    rely on PCRE support.

 -- Marc Deslauriers <email address hidden>  Tue, 20 Sep 2016 14:58:40 -0400
Superseded in yakkety-proposed on 2016-10-06
clamav (0.99.2+dfsg-2ubuntu1) yakkety; urgency=medium

  Merge from Debian. Remaining changes :
    * Explicitly build using llvm-3.6.
  Dropped changes :
    * debian/rules: Restore --with-llvm-linking=dynamic to avoid underlinkage
      causing FTBS
    * d/p/llvm-don-t-use-system-libs.patch:
      Do not use system libraries for linking : We are not linking the .a
      files so we don't care about the libs llvm links against (like -ledit)
      Dropping this patch will cause FTBS on Ubuntu with unresolvable -ledit
    * d/p/0007-fix-ssize_t-size_t-off_t-printf-modifier.patch : Drop
      sigtool/sigtool.c cast patch modification : now upstream.
    * Ignore test results on armhf.

Superseded in xenial-updates on 2016-09-28
Deleted in xenial-proposed on 2016-09-30 (Reason: moved to -updates)
clamav (0.99+dfsg-1ubuntu1.2) xenial; urgency=medium

  * Ensure freshclam service is run after package install (LP: #1590688)

 -- Christian Ehrhardt <email address hidden>  Thu, 07 Jul 2016 09:22:31 +0200
Superseded in yakkety-release on 2016-10-06
Deleted in yakkety-proposed on 2016-10-09 (Reason: moved to release)
clamav (0.99+dfsg-1ubuntu3) yakkety; urgency=medium

  * Ensure freshclam service is run after package install (LP: #1590688)

 -- Christian Ehrhardt <email address hidden>  Thu, 07 Jul 2016 09:22:41 +0200
Superseded in xenial-updates on 2016-08-31
Deleted in xenial-proposed on 2016-09-01 (Reason: moved to -updates)
clamav (0.99+dfsg-1ubuntu1.1) xenial; urgency=medium

  * Fix upgrade paths with proper Breaks/Replaces (LP: #1581839)
    - several files were move since the version in trusty, e.g:
      /usr/share/man/man1/clamdscan.1.gz moved clamav-daemon to clamdscan
      /usr/share/man/man5/clamd.conf.5.gz moved clamav-base to clamav-daemon

 -- Christian Ehrhardt <email address hidden>  Fri, 10 Jun 2016 12:40:52 +0200
Superseded in yakkety-release on 2016-07-18
Deleted in yakkety-proposed on 2016-07-19 (Reason: moved to release)
clamav (0.99+dfsg-1ubuntu2) yakkety; urgency=medium

  * No-change rebuild against libjson-c3.

 -- Graham Inggs <email address hidden>  Thu, 28 Apr 2016 10:34:46 +0200
Superseded in yakkety-release on 2016-05-05
Published in xenial-release on 2016-02-17
Deleted in xenial-proposed (Reason: moved to release)
clamav (0.99+dfsg-1ubuntu1) xenial; urgency=medium

  Merge from Debian. Remaining changes (LP: #1540491) :
    * Explicitly build using llvm-3.6.
    * Ignore test results on armhf.
    * debian/rules: Restore --with-llvm-linking=dynamic to avoid underlinkage
      causing FTBS
    * d/p/llvm-don-t-use-system-libs.patch:
      Do not use system libraries for linking : We are not linking the .a
      files so we don't care about the libs llvm links against (like -ledit)
      Dropping this patch will cause FTBS on Ubuntu with unresolvable -ledit
  Dropped changes :
    * debian/control : libsystemd-dev no longer renamed since it has been
      changed upstream.
    * d/p/0005-libclamav-use-libmspack.patch : Now part of upstream release.
    * d/p/0007-fix-ssize_t-size_t-off_t-printf-modifier.patch : Now part of
      upstream release to the exception of the sigtool/sigtool.c cast
      identified previously.
      d/p/0008-hardcode-LLVM-linker-flag-because-llvm-config-return.patch :
      Now part of upstream release.
      d/p/0012-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch
    * d/clamav-daemon.postinst.in: Fix typo which causes a crash while
      installing this package over any previous version (upgrading). Fixed
      upstream.
    * Explicitly build using llvm-3.5. Now build using llvm-3.6.

Superseded in xenial-release on 2016-02-17
Deleted in xenial-proposed on 2016-02-19 (Reason: moved to release)
clamav (0.98.7+dfsg-0ubuntu5) xenial; urgency=high

  * Use new libsystemd-dev package name.

 -- Dimitri John Ledkov <email address hidden>  Mon, 07 Dec 2015 11:09:19 +0000
Superseded in xenial-release on 2015-12-07
Obsolete in wily-release on 2018-01-22
Deleted in wily-proposed on 2018-01-22 (Reason: moved to release)
clamav (0.98.7+dfsg-0ubuntu4) wily; urgency=medium

  * Ignore test results on armhf.

 -- Matthias Klose <email address hidden>  Mon, 10 Aug 2015 08:37:47 +0000
Superseded in wily-proposed on 2015-08-10
clamav (0.98.7+dfsg-0ubuntu3) wily; urgency=medium

  * No-change rebuild for libstdc++ ABI changes

 -- Matthias Klose <email address hidden>  Sun, 09 Aug 2015 13:45:39 +0000
Superseded in wily-release on 2015-08-16
Deleted in wily-proposed on 2015-08-17 (Reason: moved to release)
clamav (0.98.7+dfsg-0ubuntu1) wily; urgency=medium

  * Updated to 0.98.7 to fix multiple issues
    - CVE-2015-2170
    - CVE-2015-2221
    - CVE-2015-2222
    - CVE-2015-2305
    - CVE-2015-2668
  * Refreshed patches for 0.98.7:
    - d/p/0005-libclamav-use-libmspack.patch
    - d/p/0007-fix-ssize_t-size_t-off_t-printf-modifier.patch
    - d/p/0008-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0015-llvm-don-t-use-system-libs.patch
  * Removed upstreamed patches:
    - d/p/0012-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch

 -- Marc Deslauriers <email address hidden>  Tue, 05 May 2015 14:14:58 -0400
Superseded in trusty-updates on 2016-09-28
Superseded in trusty-security on 2016-09-28
clamav (0.98.7+dfsg-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to 0.98.7 to fix multiple issues
    - CVE-2015-2170
    - CVE-2015-2221
    - CVE-2015-2222
    - CVE-2015-2305
    - CVE-2015-2668
  * Refreshed patches for 0.98.7:
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch

 -- Marc Deslauriers <email address hidden>  Mon, 04 May 2015 15:47:25 -0400
Superseded in precise-updates on 2016-09-28
Superseded in precise-security on 2016-09-28
clamav (0.98.7+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.98.7 to fix multiple issues
    - CVE-2015-2170
    - CVE-2015-2221
    - CVE-2015-2222
    - CVE-2015-2305
    - CVE-2015-2668
  * Refreshed patches for 0.98.7:
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch

 -- Marc Deslauriers <email address hidden>  Mon, 04 May 2015 15:50:41 -0400
Obsolete in utopic-updates on 2016-11-03
Obsolete in utopic-security on 2016-11-03
clamav (0.98.7+dfsg-0ubuntu0.14.10.1) utopic-security; urgency=medium

  * Updated to 0.98.7 to fix multiple issues
    - CVE-2015-2170
    - CVE-2015-2221
    - CVE-2015-2222
    - CVE-2015-2305
    - CVE-2015-2668
  * Refreshed patches for 0.98.7:
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch
  * Removed upstreamed patches:
    - d/p/0014-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch

 -- Marc Deslauriers <email address hidden>  Mon, 04 May 2015 12:02:16 -0400
Obsolete in vivid-updates on 2018-01-18
Obsolete in vivid-security on 2018-01-18
clamav (0.98.7+dfsg-0ubuntu0.15.04.1) vivid-security; urgency=medium

  * Updated to 0.98.7 to fix multiple issues
    - CVE-2015-2170
    - CVE-2015-2221
    - CVE-2015-2222
    - CVE-2015-2305
    - CVE-2015-2668
  * Refreshed patches for 0.98.7:
    - d/p/0005-libclamav-use-libmspack.patch
    - d/p/0007-fix-ssize_t-size_t-off_t-printf-modifier.patch
    - d/p/0008-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0015-llvm-don-t-use-system-libs.patch
  * Removed upstreamed patches:
    - d/p/0012-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch

 -- Marc Deslauriers <email address hidden>  Mon, 04 May 2015 11:32:16 -0400
Superseded in wily-release on 2015-05-05
Deleted in wily-proposed on 2015-05-07 (Reason: moved to release)
Superseded in vivid-updates on 2015-05-05
Deleted in vivid-proposed on 2015-05-07 (Reason: moved to -updates)
clamav (0.98.6+dfsg-1ubuntu4) vivid; urgency=medium

  * No change upload to work around temporary archive ddeb issue

Superseded in vivid-proposed on 2015-04-25
clamav (0.98.6+dfsg-1ubuntu3) vivid; urgency=medium

  * d/clamav-daemon.postinst.in: Fix typo which causes a crash while installing
    this package over any previous version (upgrading). Variable $DEBCONFILE
    has been used incorrectly inside the script instead of $DEBCONFFILE. This
    issue doesn't show up during regular installation (not upgrade) because
    the typo is on the path which gets executed only if debconf information is
    available for the package (LP: #1438745, #1447809, Closes: #778507).
 -- Oleg Strikov <email address hidden>   Fri, 24 Apr 2015 15:05:18 +0000
Superseded in wily-release on 2015-05-05
Obsolete in vivid-release on 2018-01-18
Deleted in vivid-proposed on 2018-01-19 (Reason: moved to release)
clamav (0.98.6+dfsg-1ubuntu2) vivid; urgency=medium

  * Don't use llvm on armhf, arm64 and ppc64el.
    - armhf: Should work, but upstream claims it's not tested and
      refuses to build. Why do we have testsuites?
    - arm64: No JIT available in 3.5.
    - ppc64el: Builds, but fails one test.
 -- Matthias Klose <email address hidden>   Thu, 05 Mar 2015 17:00:42 +0100
Superseded in vivid-proposed on 2015-03-05
clamav (0.98.6+dfsg-1ubuntu1) vivid; urgency=medium

  * Explicitly build using llvm-3.5, on all architectures.
 -- Matthias Klose <email address hidden>   Wed, 04 Mar 2015 20:45:34 +0100
Obsolete in lucid-updates on 2016-10-26
Obsolete in lucid-security on 2016-10-26
clamav (0.98.6+dfsg-0ubuntu0.10.04.1) lucid-security; urgency=medium

  [ Marc Deslauriers ]
  * Updated to 0.98.6 to fix security issues, including CVE-2014-9328.
    (LP: #1420819)
  * Removed upstreamed patches:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0017-Bump-.so-version-number.patch

  [ Chris Pollock ]
  * Drop dh_autoreconf from build-depends
  * Remove use of dh_autoreconf from debian/rules
  * Adjust list of no LLVM architectures in debian/rules to include powerpc
    to avoid FTBFS on lucid

Superseded in precise-updates on 2015-05-05
Superseded in precise-security on 2015-05-05
clamav (0.98.6+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.98.6 to fix security issues, including CVE-2014-9328.
  * Removed upstreamed patches:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0017-Bump-.so-version-number.patch
 -- Marc Deslauriers <email address hidden>   Fri, 30 Jan 2015 09:01:52 -0500
Superseded in trusty-updates on 2015-05-05
Superseded in trusty-security on 2015-05-05
clamav (0.98.6+dfsg-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to 0.98.6 to fix security issues, including CVE-2014-9328.
  * Removed upstreamed patches:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0017-Bump-.so-version-number.patch
 -- Marc Deslauriers <email address hidden>   Fri, 30 Jan 2015 08:53:43 -0500
Superseded in utopic-updates on 2015-05-05
Superseded in utopic-security on 2015-05-05
clamav (0.98.6+dfsg-0ubuntu0.14.10.1) utopic-security; urgency=medium

  * Updated to 0.98.6 to fix security issues, including CVE-2014-9328.
  * Removed upstreamed patches:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0017-Bump-.so-version-number.patch
 -- Marc Deslauriers <email address hidden>   Fri, 30 Jan 2015 08:51:04 -0500
Superseded in vivid-release on 2015-03-06
Deleted in vivid-proposed on 2015-03-07 (Reason: moved to release)
clamav (0.98.6+dfsg-1) unstable; urgency=high


  [ Sebastian Andrzej Siewior ]
  * update "fix-ssize_t-size_t-off_t-printf-modifier", include of misc.h was
    missing but was pulled in via the systemd patch.
  * Don't leak return codes from libmspack to clamav API. (Closes: #774686).

  [ Andreas Cadhalpun ]
  * Add patch to avoid emitting incremental progress messages when not
    outputting to a terminal. (Closes: #767350)
  * Update lintian-overrides for unused-file-paragraph-in-dep5-copyright.
  * clamav-base.postinst: always chown /var/log/clamav and /var/lib/clamav
    to clamav:clamav, not only on fresh installations. (Closes: #775400)
  * Adapt the clamav-daemon and clamav-freshclam logrotate scripts,
    so that they correctly work under systemd.
  * Move the PidFile variable from the clamd/freshclam configuration files
    to the init scripts. This makes the init scripts more robust against
    misconfiguration and avoids error messages with systemd. (Closes: #767353)
  * debian/copyright: drop files from Files-Excluded only present in github
    tarballs
  * Drop Workaround-a-bug-in-libc-on-Hurd.patch, because hurd got fixed.
    (see #752237)
  * debian/rules: Remove useless --with-system-tommath --without-included-ltdl
    configure options.

  [ Scott Kitterman ]
  * Stop stripping llvm when repacking the tarball as the system llvm on some
    releases is too old to use
  * New upstream bugfix release
    - Library shared object revisions.
    - Includes a patch from Sebastian Andrzej Siewior making ClamAV pid files
      compatible with systemd.
    - Fix a heap out of bounds condition with crafted Yoda's crypter files.
      This issue was discovered by Felix Groebert of the Google Security Team.
    - Fix a heap out of bounds condition with crafted mew packer files. This
      issue was discovered by Felix Groebert of the Google Security Team.
    - Fix a heap out of bounds condition with crafted upx packer files. This
      issue was discovered by Kevin Szkudlapski of Quarkslab.
    - Fix a heap out of bounds condition with crafted upack packer files. This
      issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
    - Compensate a crash due to incorrect compiler optimization when handling
      crafted petite packer files. This issue was discovered by Sebastian
      Andrzej Siewior.
  * Update lintian override for embedded zlib to match new so version

  [ Javier Fernández-Sanguino ]
  * Updated Spanish Debconf template translation (Closes: #773563)

 -- Scott Kitterman <email address hidden>  Wed, 28 Jan 2015 00:25:13 -0500

Available diffs

Superseded in vivid-release on 2015-01-29
Deleted in vivid-proposed on 2015-01-31 (Reason: moved to release)
clamav (0.98.5+dfsg-3) unstable; urgency=medium


  * Fix failure to purge, noticed by piuparts. (Closes: #772092)

 -- Andreas Cadhalpun <email address hidden>  Thu, 04 Dec 2014 22:30:17 +0100

Available diffs

Superseded in vivid-release on 2014-12-05
Deleted in vivid-proposed on 2014-12-06 (Reason: moved to release)
clamav (0.98.5+dfsg-2) unstable; urgency=medium


  * Automatically extend the clamav-daemon.socket systemd unit to create the
    TCP socket, when clamd is configured to use TCP. (Closes: #771911)
  * Also accept AF_INET6 sockets in clamd, as they are now supported.
    Systemd uses AF_INET6 for TCP sockets without specified address.

 -- Andreas Cadhalpun <email address hidden>  Wed, 03 Dec 2014 23:26:21 +0100

Available diffs

Superseded in precise-updates on 2015-02-02
Superseded in precise-security on 2015-02-02
clamav (0.98.5+addedllvm-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.98.5 to fix security issues, including CVE-2013-6497.
  * Removed patches no longer needed:
    - d/p/0002-Sebastian-Andrzej-Siewior.patch
    - d/p/0003-configure-use-pkg-config-for-check-so-test-is-detect.patch
    - d/p/0004-Stop-using-a-cargo-culted-syscall-table-and-trust-th.patch
    - d/p/0005-configure.ac-patches-to-got-with-autoreconf-and-auto.patch
    - d/p/0006-Fix-STAT64-definition-and-add-missing-includes.patch
  * Added patches from vivid to fix FTBFS, .so version and other issues:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - d/p/0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0017-Bump-.so-version-number.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-docs.docs: use wildcards, as some docs have changed.
  * debian/clamav-base.postinst.in: added new options.
  * debian/clamav-base.config.in: added new options.
  * debian/clamav-base.templates: added new options.
  * debian/control: added libssl-dev BuildDepends.
  * clamav-testfiles.install: removed rar files.
 -- Marc Deslauriers <email address hidden>   Fri, 21 Nov 2014 09:58:30 -0500
Superseded in trusty-updates on 2015-02-02
Superseded in trusty-security on 2015-02-02
clamav (0.98.5+addedllvm-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to 0.98.5 to fix security issues, including CVE-2013-6497.
  * Removed patches no longer needed:
    - d/p/0002-Sebastian-Andrzej-Siewior.patch
    - d/p/0003-configure-use-pkg-config-for-check-so-test-is-detect.patch
    - d/p/0004-Stop-using-a-cargo-culted-syscall-table-and-trust-th.patch
    - d/p/0005-configure.ac-patches-to-got-with-autoreconf-and-auto.patch
    - d/p/0006-Fix-STAT64-definition-and-add-missing-includes.patch
  * Added patches from vivid to fix FTBFS, .so version and other issues:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - d/p/0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0017-Bump-.so-version-number.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-docs.docs: use wildcards, as some docs have changed.
  * debian/clamav-base.postinst.in: added new options.
  * debian/clamav-base.config.in: added new options.
  * debian/clamav-base.templates: added new options.
  * debian/control: added libssl-dev BuildDepends.
  * clamav-testfiles.install: removed rar files.
 -- Marc Deslauriers <email address hidden>   Thu, 20 Nov 2014 14:29:18 -0500
Superseded in utopic-updates on 2015-02-02
Superseded in utopic-security on 2015-02-02
clamav (0.98.5+dfsg-0ubuntu0.14.10.1) utopic-security; urgency=medium

  * Updated to 0.98.5 to fix security issues, including CVE-2013-6497.
  * Removed upstreamed patches:
    - d/p/0004-Fix-FTBFS-with-LLVM-3.1-3.4.patch
    - d/p/0006-Fix-underlinking-with-llvm-in-libclamav-c-Makefile.a.patch
    - d/p/0007-bb-11028-fixed-a-deadlock-issue-with-fanotify-and-lo.patch
    - d/p/0010-Call-cl_initialize_crypto-in-cl_init.patch
  * Removed patches not needed in Ubuntu:
    - d/p/0005-enable-llvm-jit-on-kfreebsd.patch
    - d/p/0008-Fix-compiling-on-Hurd.patch
    - d/p/0009-Workaround-a-bug-in-libc-on-Hurd.patch
  * Added patches from vivid to fix FTBFS and .so version:
    - d/p/0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0014-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch
    - d/p/0017-Bump-.so-version-number.patch
  * debian/control: added libncurses5-dev to Build-Depends.
  * debian/clamav-docs.docs: use wildcards, as some docs have changed.
 -- Marc Deslauriers <email address hidden>   Thu, 20 Nov 2014 10:01:09 -0500
Superseded in vivid-release on 2014-12-04
Deleted in vivid-proposed on 2014-12-05 (Reason: moved to release)
clamav (0.98.5+dfsg-1) unstable; urgency=medium


  [ Sebastian Andrzej Siewior ]
  * import new upsstream version, refresh patches:
    dropped:
     - LLVM-3.5-version-check-update.patch
     - add-support-for-LLVM-3.5.patch
     - fix-test-failure-on-powerpc-again.patch
    updated:
     - hardcode-LLVM-linker-flag-because-llvm-config-return
     - added "bb-10731-Allow-to-specificy-a-group-for-the-socket-o" as
       dependecy for "clamav-milter-add-additinal-SMFIF_-flags-before-invo"
    (Closes: #763300)
  * Add "Bump-.so-version-number", likely the RPM version of 769384.
  * Add "llvm-don-t-use-system-libs", since we don't link against .a libs, we
    don't need the deps either.

  [ Scott Kitterman ]
  * Update libclamav6: embedded-library lintian override for new libclamav6 so
    version

 -- Sebastian Andrzej Siewior <email address hidden>  Wed, 19 Nov 2014 22:28:22 +0100

Available diffs

Superseded in vivid-release on 2014-11-20
Deleted in vivid-proposed on 2014-11-21 (Reason: moved to release)
clamav (0.98.5~rc1+dfsg-4) unstable; urgency=medium


  * Bump the version requirement for the cl_retflevel symbol to 0.98.5~rc1,
    because the CL_FLEVEL, which this function returns, increased in that
    version the last time.
    This ensures that the functionality level of libclamav is always new
    enough. (Closes: #769384)

 -- Andreas Cadhalpun <email address hidden>  Thu, 13 Nov 2014 23:34:58 +0100
175 of 427 results